Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!
Hi,
On Sat, Jan 10, 2026 at 05:02:59PM +0100, Reinder wrote:
> got stuck and only got it to work with the bottom two lines below in my
> /etc/sysctl.d/am-no-ipv6.conf:
>
> root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf
> net.ipv6.conf.all.accept_ra=0
> net.ipv6.conf.all.autoconf=0
> net.ipv6.conf.default.accept_ra=0
> net.ipv6.conf.default.autoconf=0
> net.ipv6.conf.ens18.accept_ra=0
> net.ipv6.conf.ens19.accept_ra=0
> root@reinder:~#
>
> This is, to me, unexpected, even unwanted behavior?
> I would expect disabling default and all to work and prevent ipv6 routing
> and perhaps need of firewalling?!
I think there is a race condition where some/all interfaces are created
before the sysctls are applied, and the "default" and "all" settings
only apply for interfaces created after they are set. ANyway, I've also
always had to set the same thing on the specific interface's sysctl when
I wanted to do this.
> root@reinder:~# tail -7 /etc/dhcpcd.conf
> ## only ipv4
> ipv4only
> ipv6ra_noautoconf
> nodhcp6
> noipv6
> noipv6rs
> noipv4ll
> root@reinder:~#
>
> root@reinder:~# cat /etc/network/interfaces
> # This file describes the network interfaces available on your system
> # and how to activate them. For more information, see interfaces(5).
>
> source /etc/network/interfaces.d/*
>
> # The loopback network interface
> auto lo
> iface lo inet loopback
>
> # The primary network interface
> allow-hotplug ens18
> iface ens18 inet dhcp
> iface ens18 inet6 static
> autoconf 0
> accept_ra 0
>
> # The secondary network interface
> allow-hotplug ens19
> iface ens19 inet dhcp
> iface ens19 inet6 static
> autoconf 0
> accept_ra 0
I haven't tried to adjust IPv6 settings with DHCP but I do seem to
recall there is a known bug with DHCP configuring IPv6 things even when
it is only invoked for IPv4 purposes, as you have here.
Thanks,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Reply to: